Showing posts with label social media attack. Show all posts
Showing posts with label social media attack. Show all posts

Sunday, October 27, 2019

Top Tips to Securely Using Social Media


Manhattan College IT Services is sharing cyber safety tips in support of raising awareness during National Cyber Security Awareness Month, October 2019.

Overview 

Social media sites, such as Snapchat, Facebook, Twitter, Instagram, and LinkedIn, are amazing resources, allowing you to meet, interact, and share with people around the world. However, with all this power comes risks--not just for you, but your family, friends, and employer. In this post, we cover the key steps to making the most of social media securely and safely. 

Posting 

Be careful and think before posting. Anything you post will most likely become public at some point, impacting your reputation and future, including where you can go to school or the jobs you can get. If you don’t want your family or boss to see it, you probably shouldn’t post it. Also, be aware of what others are posting about you. You may have to ask others to remove what they share about you. 

Privacy 

Almost all social media sites have strong privacy options. Enable them when possible. For example, does the site really need to be able to track your location? In addition, privacy options can be confusing and change often. Make it a habit to check and confirm they are working as you expect them to. 

Passphrase 

Secure your social media account with a long, unique passphrase. A passphrase is a password made up of multiple words, making it easy for you to type and remember, but hard for cyber attackers to guess. 

Lock Down Your Account 

Even better, enable two-factor authentication on all of your accounts. This adds a one-time code with your password when you need to log in to your account. This is actually very simple and is one of the most powerful ways to secure your account. 

Scams 

Just like in email, bad guys will attempt to trick or fool you using social media messages. For example, they may try to trick you out of your password or credit card. Be careful what you click on: If a friend sends you what appears to be an odd message or one that does not sound like them, it could be a cyber attacker pretending to be your friend. 

Terms of Services

Know the site’s terms of service. Anything you post or upload might become the property of the site.

Work

If you want to post anything about work, check with your supervisor first to make sure it is okay to publicly share.
Follow these tips to enjoy a much safer online experience. To learn more on how to use social media sites safely, or report unauthorized activity, check your social media site’s security page.


Be Secure Online! Refer to Manhattan College's Cyber Safety site for additional resources.

Refer to Manhattan College's Email Signature Knowledge Base 
Article for instructions on how to create your own email signature. 
Using a Manhattan College email signature is important because it is the perfect opportunity to brand every message you send. By creating a cohesive email signature for each employee on your team, you create brand recognition in every person to whom your employees sends emails. 

Reach out to IT Services with any questions:



Partially reposted from www.sans.org/security-awareness


Posted by at
Labels: , , , , , ,

Sunday, October 6, 2019

Stop That Phish

Overview




phishing computer screen

Email and messaging services (such as Skype, Twitter, or Snapchat) are one of the primary ways we communicate. We not only use these technologies every day for work, but also to stay in touch with friends and family. Since so many people around the world depend on these technologies, they have become one of the primary attack methods used by cyber attackers. This attack method is called phishing. Learn what phishing is and how you can spot and stop these attacks, regardless if you are at work or at home.

What Is Phishing

Phishing is a type of attack that uses email or a messaging service to fool you into taking an action you should not take, such as clicking on a malicious link, sharing your password, or opening an infected email attachment. Attackers work hard to make these messages convincing and tap your emotional triggers, such as urgency or curiosity. They can make them look like they came from someone or something you know, such as a friend or a trusted company you frequently use. They could even add logos of your bank or forge the email address so the message appears more legitimate. Attackers then send these messages to millions of people. They do not know who will take the bait, all they know is the more they send, the more people will fall victim.

Protecting Yourself

In almost all cases, opening and reading an email or message is fine. For a phishing attack to work, the bad guys need to trick you into doing something. Fortunately, there are clues that a message is an attack. Here are the most common ones:
  • A tremendous sense of urgency that demands “immediate action” before something bad happens, like threatening to close an account or send you to jail. The attacker wants to rush you into making a mistake.
     
  • Pressuring you to bypass or ignore your policies or procedures at work.
     
  • A strong sense of curiosity or something that is too good to be true. (No, you did not win the lottery.)
     
  • A generic salutation like “Dear Customer.” Most companies or friends contacting you know your name.
     
  • Requesting highly sensitive information, such as your credit card number, password, or any other information that a legitimate sender should already know.
     
  • The message says it comes from an official organization, but has poor grammar or spelling or uses a personal email address like @gmail.com.
     
  • The message comes from an official email (such as your boss) but has a Reply-To address going to someone’s personal email account.
     
  • You receive a message from someone you know, but the tone or wording just does not sound like him or her. If you are suspicious, call the sender to verify they sent it. It is easy for a cyber attacker to create a message that appears to be from a friend or coworker.
Ultimately, common sense is your best defense. If an email or message seems odd, suspicious, or too good to be true, it may be a phishing attack. 
Be Secure Online! Refer to Manhattan College's Cyber Safety site for additional resources.

Refer to Manhattan College's Email Signature Knowledge Base 
Article for instructions on how to create your own email signature.

Using a Manhattan College email signature is important because it is the perfect opportunity to brand every message you send. By creating a cohesive email signature for each employee on your team, you create brand recognition in every person to whom your employees sends emails. 

Reach out to IT Services with any questions:


Posted by at
Labels: , , , , ,
Subscribe to: Posts (Atom)